As knowledge management systems become more open to Internet access, security is a growing concern. Security needs to be more flexible and scalable than that traditionally provided by Database management systems. Furthermore, the security architecture is derivative and subordinate to system architecture; one cannot propose a security architecture, except in the context of and in response to enterprise architecture.
We have proposed a cybernetic-based model using the VSM (Viable Systems Model). This provides a meta-structure for the management of disparate data and supports a variety of processing types (planning, predicting, and exploiting new and existing resources) in an organic way. The result is a complex organic distributed architecture, called CODA.
Several security techniques exist, but most of them are not suitable for enterprise systems. However, the role-based access control RBAC is a robust securitytechnique, which can seamlessly be adapted to data warehousing systems.
The key contribution of this paper is to define an RBAC model, which is appropriate to the CODA based enterprise systems, and to derive a CORBA based architecture of this model. The architecture of the security system, as part of CODA, supports a set of architectural properties namely: scalability, effectiveness inensuring secure access, and good performance. In addition to the access control provided by our system, it guarantees all the functionality of a security system including authentication and auditing.'